Security researchers have discovered a zero-day vulnerability in video conferencing platform Zoom which can be used by cybercriminals to launch remote code execution (RCE) attacks. The vulnerability was discovered as part of a contest, Pwn2Own, organised by cybersecurity firm Trend Micro's Zero Day Initiative (ZDI), a programme designed to reward security researchers for responsibly disclosing vulnerabilities.

The researchers from the Netherlands-based Computest won $200,000 for the discovery. "Confirmed! The duo of Daan Keuper and Thijs Alkemade from Computest used a 3-bug chain to exploit #Zoom messenger with 0 clicks from the target. They win $200,000 and 20 points towards Master of Pwn. #Pwn2Own," Zero Day Initiative tweeted on Thursday.